Secure Development Process

EC Wise builds systems that are provably reliable, secure, and provide business value. At every phase of the process, we take steps to ensure that the software architecture and design fulfill business objectives, security standards, and performance requirements.

From day one the main goal is to determine what will make the Client’s operations more successful. Regardless of the industry, the initial questions are generally the same.

  • What pain are you trying to alleviate?
  • What business opportunities and revenues are you trying to capture?
  • What solution can we deliver that provides a high ROI in the short term?
  • How can we visually organize output to be intuitive and informative to your end users?

Our experienced Architecture team will translate the answers into an architectural approach validated by Architectural Spikes and Lo-Fidelity UI Design Spikes. This has the benefit of validating early assumptions and allowing clients refine their requirements based on a better idea of what the end product will look like.

We then plan a first iteration that will provide significant business value with results delivered within two weeks. Our development team (usually working out of our Chengdu R&D center) develops functional specifications, implements code, and automates acceptance tests.

At all levels we think about how to validate before we write specifications or code. Continuous automation tools build and test changed code automatically, and scan all code on “check-in” to find obvious standards violations and security vulnerabilities, thereby reducing cost and increasing confidence.  Key components of our “Bottom Up/ Top Down” strategy include unit testing specific blocks of code against predefined business objectives, integration testing how various functions work to provided business services, and developing “requirements to design” traceability tools.


To find out more about secure application development, visit EC:Secure – Application.